Genetic profiling and banking system and method

ABSTRACT

A method is provided for determining whether a third party is authorized to access information representative of genetic data. This information representative of genetic data is associated with a physical sample and is provided in an accessible format. A set of access rights is received that define which third parties can access the information and how the information can be used. A third party requests to access the information for the purposes of performing a test. The request is compared to the access rights. If the third party is authorized, the test is performed on the information. If, however, the third party is not authorized, access is denied.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation application of pending U.S.application Ser. No. 12,133,176, filed Jun. 4, 2008, entitled “GENETICPROFILING AND BANKING SYSTEM AND METHOD,” which is a continuation ofU.S. application Ser. No. 11/426,823, filed Jun. 27, 2006, now U.S. Pat.No. 7,401,026, entitled “GENETIC PROFILING AND BANKING SYSTEM ANDMETHOD,” which was a continuation of U.S. application Ser. No.10/691,205 filed Oct. 21, 2003, now abandoned, entitled “GENETICPROFILING AND BANKING SYSTEM AND METHOD,” which was a continuation ofU.S. application Ser. No. 09/425,085, filed Oct. 22, 1999, now U.S. Pat.No. 6,640,211, entitled “GENETIC PROFILING AND BANKING SYSTEM ANDMETHOD,” the contents of each application is hereby incorporated byreference.

STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR DEVELOPMENT

Not applicable.

BACKGROUND OF THE INVENTION

This invention relates to a system for profiling and banking geneticinformation about individuals.

Genetic information derived from a sample can be used to determinemedical and other information about an individual. Obtaining geneticsamples and testing those samples raises concerns about privacy, access,and the use of the resulting information. Such information could,however, be useful for individuals and medical practitioners.

Currently there are companies that provide banking services for storingphysical samples of genetic material from biological tissue, such asblood or cheek cells. That material can be retrieved from storage andtested as desired. Removing the sample and having it tested is timeconsuming and may be repetitive if multiple tests are needed over time.

SUMMARY OF THE INVENTION

The present invention includes systems and methods for storing andaccessing genetic information. The systems and methods preferablyprovide protection against unauthorized access and use, but provideconvenience in accessing and using genetic information if such use isproperly authorized.

In a first aspect of the present invention, a method for determiningauthorization for a third party is provided. The method includesproviding information representative of genetic data associated with aphysical sample in an accessible format, and receiving a set of accessrights defining conditions under which third parties can access theinformation. Further, the method includes receiving a request from athird party to access the information to perform a test on theinformation and comparing the third party request with the access rightsto confirm that the third party is authorized to access the informationrequested. If the third party is authorized, the method includesperforming the requested test on the information. If the third party isnot authorized, access is denied.

In a second aspect of the present invention, a system embodied on acomputing device having a processing system and a testing system isprovided for determining authorization for a third party. The systemincludes a processing system configured for receiving a request from athird party to access genetic data for the purpose of performing a test,wherein the genetic data is stored in a database and an access controlsystem configured for determining whether the third party is authorizedto access the genetic data for the purpose of the test based on storedaccess rights. If the third party is authorized to access the geneticdata, the test is performed on the genetic data. If the third party isnot authorized to access the genetic data, access is denied to the thirdparty and the test is not performed.

In a third aspect of the present invention, a method embodied on acomputing device having a processing system and a testing system fordetermining authorization for a third party. The method includesreceiving from a third party at the computing device a request to accessstored genetic data of a patient to perform a test to determine thepresence or absence of a gene or genetic variant or level of expressionof a marker associated with a specified disease. Further, the methodincludes determining whether the third party is authorized to access thegenetic data for the purpose of the test based on stored access rights.If the third party user is authorized to access the genetic data for thepurpose of the test, the test is performed on the genetic data and theresults are reported to the third party requesting the test information.If the third party is not authorized to access the genetic data for thepurpose of the test, access to the third party is denied and the test isnot performed.

In a method according to the present invention, a patient enrolls in agenetic banking system and provides a source of genetic material, suchas a blood sample. The sample is processed using a combination ofexperimental and/or in silico techniques to produce a genetic profilefor the patients. The processed data is stored in a database to create agenetic profile for that patient. A remaining portion of the physicalsample may also be stored for further use if needed.

The patient, either at the time of enrollment or after a sample isprocessed, can dictate access rights, including the ability of thirdparties (other than the individual or the genetic bank itself), such asmedical practitioners, to access this profile, and the specific purposesfor which the profile can be accessed and used. Thus, the patient canspecify both the people who will have access, and the uses for whichthey have access.

The system provides user interfaces for the user to enter identificationinformation and access rights. The bank can prepare standard protocolsthat describe allowed and proscribed data sharing.

A medical practitioner authorized to have access by the patient andconfirmed by the access control system can access the profile that isstored and can run tests based on the profile as stored in the database;for example, such a test can be run to determine the presence or absenceof certain markers.

In another aspect, a system according to the present invention includesa database for storing genetic data on individuals and an access controlsystem that controls access to the database and manages the tests thatare to be done. The control system interacts with (or includes) atesting system to cause the testing system to process the profile datato conduct the desired test. The control system authorizes the test andprovides the results.

The system allows users to store a comprehensive digitized DNA profilebased on a sample, in addition to storage of physical samples. Thepatient has control to voluntarily allow access to particular people andfor particular purposes, thus protecting the privacy of thatinformation. Because the samples have been processed and digitized,additional tests can be performed without requiring repetitive use ofactual physical samples. Other features and advantages will becomeapparent from the following description of preferred embodiments,drawings, and claims.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of a system according to the presentinvention.

FIGS. 2-4 are flow charts showing methods according to the presentinvention.

DESCRIPTION OF PREFERRED EMBODIMENTS

A genetic banking system 10 has a database 18 for storing geneticprofiles, and a processing system 12 for controlling interactionsbetween a patient 14 and database 18, and between a medical practitioner16 and database 18. System 10 may also include data integration andanalysis functionalities and a testing system 20 that is linked todatabase 18, and may also include physical storage 22 for storingphysical samples of genetic material. Processing system 12 maintainsaccess rights that allow a patient to specify and control the access tothe profile by others such as medical practitioners, enforces the accessrights that are voluntarily provided from the patient, causes testingsystem 20 to perform a desired test, and provides results to the medicalpractitioner.

Database 18 may be a relational database with a relational databasemanagement system (RDBMS), or it may use technology such as that inACEDB, a genome database system that has a custom database kernel, adata model designed specifically for handling scientific data flexibly,and a graphical user interface with many specific displays and tools forgenomic data. ACEDB software and supporting tools are publicly availablevia the Internet by download.

Processing system 12 and the testing system 20 may each include aspecial purpose computer, a workstation, a server, or some combinationof linked computers, workstations, and/or servers for interfacing withusers, processing, information and performing tests. The connectionsemployed are preferably high speed, TCP/IP connections, such as T1lines. The testing system may be independent and remote from processingsystem 12 that interacts with users and medical practitioners, or thetesting system and processing system may be part of one largerprocessing system.

Referring to the flow chart of FIG. 2, a source of genetic material,such as a blood sample, is provided by a patient for testing purposesafter the patient enrolls with the system (100). This enrollment processincludes the processing system 4 providing a user interface to thepatient, and the patient providing information about himself/herselfthrough the user interface to the processing system abouthimself/herself. The patient, using the user interface, voluntarilyestablishes conditions under which the genetic information can beaccessed, preferably through use of a menu of standard protocols or byselecting a standard protocol and customizing it. The patient can thusdetermine access rights, including both who gets access and the usesthat can be made of that genetic information. Thus, at least-someauthorized third parties users may have access for some purposes and notfor other purposes, or some third parties may have access rights set toall for all purposes.

To confirm selections regarding access and use made by the patients, thesystem preferably employs a process of querying and confirming throughthe user interface, and preferably also includes information for thepatient about the system and about the tests. Redundancies and checkscan be provided in the interaction between the patient and the userinterface during the enrollment process so that the patient understandsthe possible uses of the profile and the consequences of selecting whogets access and the uses for that access.

To enroll, the patient preferably either obtains from the processingsystem a password at the time of enrollment, or the patient may havepreviously been provided with a password for confidentiality. The systempreferably provides a high level of security and may include mechanismssuch as digital certificates in addition to the password protection. Theenrollment can take place-on a private or other closed or dedicatednetwork, such as a LAN or Intranet, or with appropriate securitymeasures, over the Internet, and can be performed without additionalhuman intervention (i.e., additional to the user). For Internetinteraction, the processing system can include a web server forproviding pages or forms and for receiving information entered ontothose forms.

When the patient is enrolled, the patient has a physical source ofgenetic material shipped to the genetic banking system or some otherdesired location for processing (102).

At a later time, the patient can use the password or a new password tochange selections for who can get access and the uses for which accesscan be made. In addition, the selections can “time out” such that theuser must re-confirm selections after some period of time or else theaccess rights are terminated.

The physical sample is processed by the testing system and the resultsof the processing are stored in the database. The processing that isperformed on the sample can vary depending on the genetic banking andtesting services that are provided, but can include genotyping andbioinformatic profiling of general and/or specific genetic markerpanels. Such information can be used to determine risks of many diseasesincluding, without limitation, cancer, Huntington's Disease, Alzheimer'sDisease, and hypertension. The tests can be done through a number ofdifferent methods, such as fluorescence, optical density, massspectroscopy, DNA sequencing, microarray-based assays, or other currentmethods or methods to be developed. The data that is provided from thesetests is digitally stored in the database as a genetic profile of thepatient for subsequent analysis and tests.

After the tests are done, the actual physical sample (or at least anyremaining portion) may be stored if desired in case it is needed forconfirmation or other future purposes (106). This physical storage canbe done using known cryogenic techniques.

Referring to FIG. 3, a third party, such as a medical practitioner(i.e., a party other than the patient or people associated with themanagement and/or operation of the genetic banking system), may seekaccess to an enrolled individual's profile in the database (110) using auser interface provided from the processing system to the practitioner.The practitioner is authenticated, such as through the use of digitalcertificates and/or password protection before he/she can access theinformation. The system compares the access rights entered by thepatient into the system with that third party practitioner seekingaccess to the patient's profile. The system then determines whetheraccess is allowed for that third party practitioner (112).

If the access is allowed, the practitioner can seek to have a testperformed, such as a search of the profile for markers for Huntington'sDisease (114). The system determines whether the test is authorized bycomparing the type of test that is desired with the access rightsentered by the patient (116) (a practitioner may have access for somepurposes but not others). If the test is authorized, the processingsystem forwards the request to the testing system to perform the test.The results of the test can be analyzed in the processing system ifneeded and provided to the practitioner, preferably in an encrypted form(118). The connections that are provided, particularly between database18 and testing system 20, should have high bandwidth to allow asignificant amount of data to be quickly provided to the testing systemfor the results. Testing system 20 should be sufficientlycomputationally intensive in order to perform the requested tests.

If access by the practitioner is not allowed; or if the particular testis not authorized, the patient can log in to the system to provide theappropriate authorizations for access (120, 122).

The practitioner can seek access over a dedicated or closed network, orwith appropriate security, over the Internet. The processes of seekingaccess, confirming access, performing the test, and reporting resultscan all be performed without additional human intervention (other thanthe medical practitioner himself/herself).

The patient mayor may not have access to have tests run individually andwithout the tests being performed for a medical practitioner. It may bedesirable for the patient only to have access through a medicalpractitioner who can explain to the patient the actual meaning of thetests. However, it would also be possible to allow the patient to havetests performed and to have access to the results.

Referring to FIG. 4, a more detailed example of the sample processingprocess is shown. In this process, the DNA is extracted from the sample,such as the blood sample (130). Extraction of DNA from a sample of cellsmay be accomplished by any standard method. Using the patient's DNAsample, a complete genotype (GT) and pan-loci ID are performed (132).For example, a single nucleotide polymorphism (SNP) map may be generatedfrom the patient's DNA sample. In the alternate, if the patient has oris predisposed to develop a specific disease, genes (e.g., mutations,aberrant expression patterns) associated with those diseases may bedirectly sequenced from the patient's sample. Next, high-throughput (HT)genotyping is executed (134). The results of the genotyping data areprovided in reports that are preferably customized for convenient use(136).

Several non-limiting genes, and the diseases with which they areassociated, which can be sequenced and/or from which a SNP map can begenerated according to the methods of the invention are provided inPulst S. M. (1999) Neurol. 56(6): 667-672; Ballantyne et al. (1997) J.Cardiovasc. Risk 4(5-6):353-356; Marian, A. J. (1997) J. Cardiovasc.Risk 4(5-6): 341-345; Marian, A. J. (1997) J. Cardiovasc. Risk 4(5-6):333-339; Hallman, D. M. et al. (1997) J. Cardiovasc. Risk 4(5-6):325-331; Ballantyne et al. (1997) J. Cardiovasc. Risk 4(5-6): 321-323.Additional genes the diseases with which they are associated are listedin Table 1.

TABLE I Gene Disease Reference* p53 cervical cancer Zehbe et al. (1999)Lancet 354(9174): 218-219 BRCA1 breast cancer Hakansson et al. (1997)Am. J. Hum. Genet 60(5): 1068-1078 BRCA2 breast cancer Hakansson et al.(1997) Am. J. Hum. Genet. 60(5): 1068-1078 CTLA-4 thyroid Vaidya et al.(1999) Lancet associated 354(9180): orbitopathy 743-744 nitric oxidesynthase coronary artery Liao et al. (1999) Angiology (eNOS) disease50(8): 671-676 gene encoding Tangier disease Rust et al. (1999) Nat.Genet. human ATP 22(4): 352-355; Brooks-Wilson cassette-binding (1999)Genet. 22(4): 336-345 transporter 1 (ABC1) CTLA-4 multiple sclerosisLigers et al. (1999) J. Neuroimmunol. 97(1-2): 182-190 genetic markermultiple sclerosis Shinar et al. (1998) J. Mol. D65461 Neurosci. 11(3):265-269 Microdeletions at Van der Woude Schutte et al. (1999) Am. J.chromosome bands syndrome Med. Genet. 84(2): 145-150 1q32-q41 chromosome21q22 bipolar affective Aita et al. (1999) Am. J. Hum. disorder Genet.64(1): 210-217. *each reference is hereby incorporated by reference

In addition to specific genes associated with specific diseases, manydiseases are characterized by their association with a set of at leastone genetic marker which can be detected using the methods of thepresent invention. For example, a marker in the UCP-2/UCP-3 gene clusterhas been linked to a genetic susceptibility to anorexia nervosa(Campbell et al. (1999) Mol. Psychiatry 4(1): 68-70) Likewise, geneticmarkers in addition to apolipoprotein E (APOE) polymorphism has beenassociated with Alzheimer's disease (Scacchi et al. (1999) Neurosci.Lett. 259(1): 33-36). Parkinson's disease is similarly associated with acertain combined alpha-synuclein/apolipoprotein E genotype (Kruger etal. (1999) Ann. Neural. 45(5): 611-617). The methods of the inventionmay also be employed to detect the presence of a multigenetic disease(or the predisposition to develop such a disease) that is associatedwith and/or caused by the allelic variants of more than one gene.

For the purposes of the invention, it matters not whether the disease iscaused by and/or correlated with the associated genetic marker orwhether the associated genetic marker is caused by and/or correlatedwith the disease. What is relevant is that certain genetic markers, suchas allelic variants, are associated with certain disease phenotypesand/or predisposition to develop the disease.

The invention provides an accessible confidential database that createsand stores genetic information, such as an SNP map, from patient DNA. Asmore patient samples are added to the database of the invention, and asresearchers find more associations between genetic markers andparticular disease phenotypes, use of the invention provides an on-goingself-perpetuating advancement into the development of associationsbetween genetic markers and certain diseases. Moreover, with appropriatesecurity and privacy cautions, the database can be used in an anonymousmanner to allow researchers to access a body of genetic information forresearch and analysis purposes.

The system of the present invention thus allows a patient to voluntarilybank genetic information that can be used quickly to determine geneticand medical information about that individual, particularly informationthat relates to whether the individual carries genetic informationassociated with known diseases. The system provides restrictions,however, that allow the user to retain privacy and limit. unauthorizedaccess to his/her genetic information. The system is thus unlike asystem, for example, in which DNA information, like fingerprintinformation, is stored for identification purposes to use DNAinformation to identify individuals involved in specific criminalactivities; in such a case, the individual who provides the sample wouldgenerally not have voluntary control to establish the ability of othersto access the information, and such systems would generally not have theability to test for a number of different medical purposes for which theDNA information can be accessed by others.

The patents and scientific literature referred to herein establish theknowledge of those with skill in the art and are hereby incorporated byreference in their entirety to the same extent as if each wasspecifically and individually indicated to be incorporated by reference.Any conflict between any reference cited herein and the specificteachings of this specification shall be resolved in favor of thelatter. Likewise, any conflict between an art-understood definition of aword or phrase and a definition of the word or phrase as specificallytaught in this specification shall be resolved in favor of the latter.

Having described a preferred embodiment of the present invention, itshould be apparent that modifications can be made without departing fromthe scope of the invention as defined by the appended claims. Forexample, the authorization is described as a two-step process ofchecking the user then the purpose, although the authorization couldcombine user and purpose into one combined access right. Whilecomponents of the preferred embodiment may have certain benefits andadvantages noted herein, other systems and components thereof maynonetheless be within the scope of the claims without necessarily havingeach and everyone of the noted benefits and advantages.

1. A method for determining authorization for a third party, the methodcomprising: providing information representative of genetic dataassociated with a physical sample in an accessible format; receiving aset of access rights defining conditions under which third parties canaccess the information; receiving a request from a third party to accessthe information to perform a test on the information; comparing, at acomputing device having a processor, the third party request with theaccess rights to confirm that the third party is authorized to accessthe information requested; if the third party is authorized, performingthe requested test on the information; and if the third party is notauthorized, denying access.
 2. The method of claim 1, wherein theinformation representative of the genetic data comprises one or more of:(1) data representing levels of express of nucleic acids or proteinsfrom the physical sample, (2) a genotype of the physical sample, (3) amolecular profile from the physical sample, (4) data associated with agenetic marker panel, or (5) data associated with a disease phenotype.3. The method of claim 1, wherein the physical sample is one or more ofa sample of cells, a tissue sample, a sample of blood and itsderivatives, or bodily fluids.
 4. The method of claim 1, whereinreceiving the request from a third party to access the information toperform the test includes receiving the request to compare the geneticor molecular data against at least one marker associated with acondition.
 5. The method of claim 1, wherein receiving the request froma third party to access the information to perform the test includesreceiving the request to compare the genetic data against at least oneallelic variant.
 6. The method of claim 1, further comprising providingan indication when the request to access the data has been denied. 7.The method of claim 1, wherein performing the request test includescomparing the information to other data associated with a known disease.8. The method of claim 1, wherein performing the requested test includesidentifying in the information at least one of a number of genetic ormolecular markers associated with certain disease phenotypes.
 9. Asystem embodied on a computing device having a processing system and atesting system for determining authorization for a third party, thesystem comprising: a processing system configured for receiving arequest from a third party to access genetic data for the purpose ofperforming a test, wherein the genetic data is stored in a database; andan access control system configured for determining whether the thirdparty is authorized to access the genetic data for the purpose of thetest based on stored access rights, wherein: if the third party isauthorized to access the genetic data, performing the test on thegenetic data, and if the third party is not authorized to access thegenetic data, denying access to the third party and not performing thetest.
 10. The system of claim 9, wherein the third party requestincludes a request to compare the genetic or molecular data against atleast one marker associated with a condition.
 11. The system of claim 9,wherein the third party request includes a request to compare thegenetic data against at least one allelic variant.
 12. The system ofclaim 9, wherein the access control system is further configured forcomparing the stored information to other data associated with a knowndisease.
 13. The system of claim 9, wherein the access control system isfurther configured for identifying in the stored information at leastone of a number of genetic or molecular markers associated with certaindisease phenotypes.
 14. A method embodied on a computing device having aprocessor and a testing system for determining authorization for a thirdparty, the method comprising: receiving from a third party at thecomputing device a request to access stored genetic data of a patient toperform a test to determine the presence or absence of a gene or geneticvariant or level of expression of a marker associated with a specifieddisease; determining, at the computing device having the processor,whether the third party is authorized to access the genetic data for thepurpose of the test based on stored access rights; if the third partyuser is authorized to access the genetic data for the purpose of thetest, performing the test on the genetic data and reporting the resultsto the third party requesting the test information; and if the thirdparty is not authorized to access the genetic data for the purpose ofthe test, denying access to the third party and not performing the test.15. The method of claim 14, further comprising processing a physicalsample to generate genetic information representative of the geneticdata associated with the physical sample.
 16. The method of claim 15,wherein the physical sample is one or more of a sample of cells, atissue sample, a sample of blood and its derivatives, or bodily fluids.17. The method of claim 14, wherein the request is received over theInternet.
 18. The method of claim 14, wherein performing the testincludes determining whether a specific genetic variant is present. 19.The method of claim 14, wherein performing the test includes determiningthe level of express of a specific gene.
 20. The method of claim 14,wherein the stored access rights indicate which third parties haveaccess to the genetic data and uses for the access to the genetic data.